Skip to content

Commit

Permalink
Merge pull request puppetlabs#8799 from cocker-cc/Make_regsubst_sensi…
Browse files Browse the repository at this point in the history
…tive-aware

(PUP-11326) Make regsubst() sensitive-aware
  • Loading branch information
mhashizume authored Oct 28, 2024
2 parents 3068b8f + 0bf1a6b commit 8fcce5c
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 3 deletions.
25 changes: 22 additions & 3 deletions lib/puppet/functions/regsubst.rb
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
# $i3 = regsubst($ipaddress,'^(\\d+)\\.(\\d+)\\.(\\d+)\\.(\\d+)$','\\3')
# ```
dispatch :regsubst_string do
param 'Variant[Array[String],String]', :target
param 'Variant[Array[Variant[String,Sensitive[String]]],Sensitive[Array[Variant[String,Sensitive[String]]]],Variant[String,Sensitive[String]]]', :target
param 'String', :pattern
param 'Variant[String,Hash[String,String]]', :replacement
optional_param 'Optional[Pattern[/^[GEIM]*$/]]', :flags
Expand Down Expand Up @@ -59,7 +59,7 @@
# $x = regsubst($ipaddress, /([0-9]+)/, '<\\1>', 'G')
# ```
dispatch :regsubst_regexp do
param 'Variant[Array[String],String]', :target
param 'Variant[Array[Variant[String,Sensitive[String]]],Sensitive[Array[Variant[String,Sensitive[String]]]],Variant[String,Sensitive[String]]]', :target
param 'Variant[Regexp,Type[Regexp]]', :pattern
param 'Variant[String,Hash[String,String]]', :replacement
optional_param 'Pattern[/^G?$/]', :flags
Expand Down Expand Up @@ -94,7 +94,26 @@ def regsubst_regexp(target, pattern, replacement, flags = nil)
end

def inner_regsubst(target, re, replacement, op)
target.respond_to?(op) ? target.send(op, re, replacement) : target.collect { |e| e.send(op, re, replacement) }
if target.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive) && target.unwrap.is_a?(Array)
# this is a Sensitive Array
target = target.unwrap
target.map do |item|
inner_regsubst(item, re, replacement, op)
end
elsif target.is_a?(Array)
# this is an Array
target.map do |item|
inner_regsubst(item, re, replacement, op)
end
elsif target.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive)
# this is a Sensitive
target = target.unwrap
target = target.respond_to?(op) ? target.send(op, re, replacement) : target.map { |e| e.send(op, re, replacement) }
Puppet::Pops::Types::PSensitiveType::Sensitive.new(target)
else
# this should be a String
target.respond_to?(op) ? target.send(op, re, replacement) : target.map { |e| e.send(op, re, replacement) }
end
end
private :inner_regsubst
end
30 changes: 30 additions & 0 deletions spec/unit/functions/regsubst_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -111,4 +111,34 @@ def regsubst(*args)
end

end

context 'when using a Target of Type sensitive String' do
it 'should process it' do
result = regsubst(Puppet::Pops::Types::PSensitiveType::Sensitive.new('very secret'), 'very', 'top')
expect(result).to be_a(Puppet::Pops::Types::PSensitiveType::Sensitive)
expect(result.unwrap).to eq("top secret")
end
end

context 'when using a Target of Type Array with mixed String and sensitive String' do
it 'should process it' do
my_array = ['very down', Puppet::Pops::Types::PSensitiveType::Sensitive.new('very secret')]
expect(regsubst(my_array, 'very', 'top')).to be_a(Array)
expect(regsubst(my_array, 'very', 'top')[0]).to eq('top down')
result = regsubst(my_array, 'very', 'top')[1]
expect(result).to be_a(Puppet::Pops::Types::PSensitiveType::Sensitive)
expect(result.unwrap).to eq('top secret')
end
end

context 'when using a Target of Type Sensitive Array with mixed String and sensitive String' do
it 'should process it' do
my_array = Puppet::Pops::Types::PSensitiveType::Sensitive.new(['very down', Puppet::Pops::Types::PSensitiveType::Sensitive.new('very secret')])
expect(regsubst(my_array, 'very', 'top')).to be_a(Array)
expect(regsubst(my_array, 'very', 'top')[0]).to eq('top down')
result = regsubst(my_array, 'very', 'top')[1]
expect(result).to be_a(Puppet::Pops::Types::PSensitiveType::Sensitive)
expect(result.unwrap).to eq('top secret')
end
end
end

0 comments on commit 8fcce5c

Please sign in to comment.